“
A segregation of duties policy is highly relevant for any company that must abide by the Sarbanes-Oxley Act of 2002 (SOX) because SOX specifically requires it.
”
”
James Michael Stewart (CISSP: Certified Information Systems Security Professional Study Guide)